General guidelines for setting up security software (such as firewalls and antivirus), repairing compromised systems, and securing email.

Basic Help and Guides

The following guides provide tips on which features you should set up for firewalls, antivirus, and email. These are not step-by-step guides, but general guidelines for good set up.

What to do when compromised

If your system is compromised, it is vital to remove the infection as soon as possible. Under no circumstances should you use the compromised machine to access confidential information. Until the machine is confirmed as free of risk, it is likely someone will get access to your information.

It is best to approach the issue in a manner similar to the following:

Disconnect your computer from any network it is connected to. This makes sure that external attackers can no longer access your files. This also stops the spread of infections to other computers on your network.

To check if the infection has spread, perform a malware and antivirus scan of any other computers on your network. For Windows systems, it is recommended that you scan in Safe Mode. Repeat this process for all computers on your network.

If the system is progressively failing, or your data is not accessible, you may need to restore from a backup. Keep in mind that backups made after infection may carry the infection. Scan and clean your backup before restoring data.

If your system is beyond restoration with normal recovery tools, perform a complete system reformat and reinstall.

Change passwords on all your commonly used or important accounts to protect your information and banking details. It's also a good idea to keep an eye on your accounts to check for any unauthorised transactions or changes.

If you don't feel confident in handling any of the above yourself, a skilled computer technician should be able to assist you with recovering your system.

Basic set up for a firewall

You generally want a firewall in a home environment to allow all traffic to flow within your local network. This allows your home computers and devices to communicate with one another.

For traffic from outside your local network - such as from the Internet - it's best to restrict this to what's needed and no more. In most cases all you need are email, web browsing, and any software you might use that needs direct outbound access.

Alternatively, you may wish to allow all outbound traffic, and only allow replies to this traffic back in. This 'stateful' approach limits inbound traffic to the applications you allow to send traffic out (such as games or web browsers) and provides generally good protection.

Many modern firewall programs support profiles - allowing separate settings for work, home, or travel. This also allows restrictive profiles for non-trusted networks such as wireless hotspots.

Basic set up for Antivirus Software

Most antivirus programs set themselves up securely by default and may only need minor tweaking.

Some antivirus programs - especially if part of a complex Internet security suite - may need configuration. Below are some key features to check. Some free or limited versions may lack these features. An up-to-date antivirus suite supported via subscription is best.

Resident Scanner

All good antivirus programs contain resident or background scanners that scan all file activity on your system. This is designed to make sure that infections are stopped as they begin.

Ensure that resident scanners are enabled.

Opt for quarantine over outright deletion of files that cannot be 'healed'. That way you can save any vital documents that have been either falsely accused or that you need, even if they are infected. For more specific information refer to your antivirus documentation.

Email Scanner

An email scanner is included in many antivirus packages, and scans your inbound and outbound mail.

Make sure your email scanner is configured correctly. If you have a very slow connection, you may need to disable the email scanner. This should only be considered if absolutely necessary, as it adds risk of infected emails passing through unchecked.

Full system scan

Full system scans are more in-depth than the resident scanner and can catch things the resident scanner missed. A weekly or daily scan is recommended, especially if your PC is usually switched on for long periods. It's best to run the scan when you're not using the computer, so it doesn't impact your use.

Oddly enough, switching off your PC when not in use can offer some protection against zero day exploits.

You can tell the scanner what to do if it finds a virus, so it doesn't impact much on your general computer use. This will make sure the scan is as seamless as possible.

Update schedule

Most antivirus programs include a default update schedule, however some update in the early hours - when the computer is likely to be off. This means the update either fails to run, or it runs when the computer starts up.

By default most automatic update functions update at most once per day. If your software allows it, we recommend that you set up multiple hourly checks for updates.

Email Client Setup

If you're concerned about the security of your emails while in transit, we recommend you use secure mail. Internode's secure IMAP/POP3/SMTP encrypts your email with SSL - the same encryption used for secure web pages - so they can't be read by prying eyes.